1 |
<? |
2 |
|
3 |
/* |
4 |
Document manager auth_pop3.php module |
5 |
|
6 |
WARNING: this modules uses e-mail address to check |
7 |
login and password against pop3 server! e-mail must be |
8 |
in following form: |
9 |
|
10 |
login_on_pop3_server@pop3_server.domain |
11 |
|
12 |
That should actually be also a vaild e-mail address |
13 |
|
14 |
|
15 |
this module is based on class.POP3.php3 by cdi@thewebmasters.net |
16 |
*/ |
17 |
|
18 |
function auth_pop3($user) { |
19 |
$email = explode("@",$user[3]); |
20 |
$pop3 = new POP3(); |
21 |
$pop3->connect($email[1]); |
22 |
if ($pop3->checklogin($email[0],$GLOBALS[PHP_AUTH_PW])) { |
23 |
$pop3->quit(); |
24 |
return true; |
25 |
} |
26 |
$pop3->quit(); |
27 |
return false; |
28 |
} |
29 |
|
30 |
//-------------------------------------------------------------------------- |
31 |
|
32 |
/* |
33 |
This is just a part of class.POP3.php3 which is needed for |
34 |
auth_pop3.php module. Please look at original location for |
35 |
whole class! |
36 |
|
37 |
class.POP3.php3 v1.0 99/03/24 CDI cdi@thewebmasters.net |
38 |
Copyright (c) 1999 - CDI (cdi@thewebmasters.net) All Rights Reserved |
39 |
|
40 |
An RFC 1939 compliant wrapper class for the POP3 protocol. |
41 |
*/ |
42 |
|
43 |
class POP3 |
44 |
{ |
45 |
var $ERROR = ""; // Error string. |
46 |
|
47 |
var $TIMEOUT = 60; // Default timeout before giving up on a |
48 |
// network operation. |
49 |
|
50 |
var $COUNT = -1; // Mailbox msg count |
51 |
|
52 |
var $BUFFER = 512; // Socket buffer for socket fgets() calls. |
53 |
// Per RFC 1939 the returned line a POP3 |
54 |
// server can send is 512 bytes. |
55 |
|
56 |
var $FP = ""; // The connection to the server's |
57 |
// file descriptor |
58 |
|
59 |
var $MAILSERVER = ""; // Set this to hard code the server name |
60 |
|
61 |
var $DEBUG = false;// set to true to echo pop3 |
62 |
// commands and responses to error_log |
63 |
// this WILL log passwords! |
64 |
|
65 |
var $BANNER = ""; // Holds the banner returned by the |
66 |
// pop server - used for apop() |
67 |
|
68 |
var $RFC1939 = true; // Set by noop(). See rfc1939.txt |
69 |
// |
70 |
|
71 |
var $ALLOWAPOP = false;// Allow or disallow apop() |
72 |
// This must be set to true |
73 |
// manually. |
74 |
|
75 |
function POP3 ( $server = "", $timeout = "" ) |
76 |
{ |
77 |
settype($this->BUFFER,"integer"); |
78 |
if(!empty($server)) |
79 |
{ |
80 |
// Do not allow programs to alter MAILSERVER |
81 |
// if it is already specified. They can get around |
82 |
// this if they -really- want to, so don't count on it. |
83 |
if(empty($this->MAILSERVER)) |
84 |
{ |
85 |
$this->MAILSERVER = $server; |
86 |
} |
87 |
} |
88 |
if(!empty($timeout)) |
89 |
{ |
90 |
settype($timeout,"integer"); |
91 |
$this->TIMEOUT = $timeout; |
92 |
set_time_limit($timeout); |
93 |
} |
94 |
return true; |
95 |
} |
96 |
|
97 |
function update_timer () |
98 |
{ |
99 |
set_time_limit($this->TIMEOUT); |
100 |
return true; |
101 |
} |
102 |
|
103 |
function connect ($server, $port = 110) |
104 |
{ |
105 |
// Opens a socket to the specified server. Unless overridden, |
106 |
// port defaults to 110. Returns true on success, false on fail |
107 |
|
108 |
// If MAILSERVER is set, override $server with it's value |
109 |
|
110 |
if(!empty($this->MAILSERVER)) |
111 |
{ |
112 |
$server = $this->MAILSERVER; |
113 |
} |
114 |
|
115 |
if(empty($server)) |
116 |
{ |
117 |
$this->ERROR = "POP3 connect: No server specified"; |
118 |
unset($this->FP); |
119 |
return false; |
120 |
} |
121 |
|
122 |
$fp = fsockopen("$server", $port, &$errno, &$errstr); |
123 |
|
124 |
if(!$fp) |
125 |
{ |
126 |
$this->ERROR = "POP3 connect: Error [$errno] [$errstr]"; |
127 |
unset($this->FP); |
128 |
return false; |
129 |
} |
130 |
|
131 |
set_socket_blocking($fp,-1); |
132 |
$this->update_timer(); |
133 |
$reply = fgets($fp,$this->BUFFER); |
134 |
$reply = $this->strip_clf($reply); |
135 |
if($this->DEBUG) { error_log("POP3 SEND [connect: $server] GOT [$reply]",0); } |
136 |
if(!$this->is_ok($reply)) |
137 |
{ |
138 |
$this->ERROR = "POP3 connect: Error [$reply]"; |
139 |
unset($this->FP); |
140 |
return false; |
141 |
} |
142 |
$this->FP = $fp; |
143 |
$this->BANNER = $this->parse_banner($reply); |
144 |
$this->RFC1939 = $this->noop(); |
145 |
if($this->RFC1939) |
146 |
{ |
147 |
$this->ERROR = "POP3: premature NOOP OK, NOT an RFC 1939 Compliant server"; |
148 |
$this->quit(); |
149 |
return false; |
150 |
} |
151 |
return true; |
152 |
} |
153 |
|
154 |
//----------------------------- |
155 |
|
156 |
function checklogin ($user, $pass) { |
157 |
$reply = $this->send_cmd("USER $user"); |
158 |
if(!$this->is_ok($reply)) |
159 |
{ |
160 |
$this->ERROR = "POP3 user: Error [$reply]"; |
161 |
return false; |
162 |
} |
163 |
|
164 |
$reply = $this->send_cmd("PASS $pass"); |
165 |
if(!$this->is_ok($reply)) |
166 |
{ |
167 |
$this->ERROR = "POP3 pass: authentication failed [$reply]"; |
168 |
$this->quit(); |
169 |
return false; |
170 |
} |
171 |
// Auth successful. |
172 |
return true; |
173 |
} |
174 |
|
175 |
//------------------------------------------- |
176 |
|
177 |
function noop () |
178 |
{ |
179 |
if(!isset($this->FP)) |
180 |
{ |
181 |
$this->ERROR = "POP3 noop: No connection to server"; |
182 |
return false; |
183 |
} |
184 |
$cmd = "NOOP"; |
185 |
$reply = $this->send_cmd($cmd); |
186 |
if(!$this->is_ok($reply)) |
187 |
{ |
188 |
return false; |
189 |
} |
190 |
return true; |
191 |
} |
192 |
|
193 |
function send_cmd ( $cmd = "" ) |
194 |
{ |
195 |
// Sends a user defined command string to the |
196 |
// POP server and returns the results. Useful for |
197 |
// non-compliant or custom POP servers. |
198 |
// Do NOT include the \r\n as part of your command |
199 |
// string - it will be appended automatically. |
200 |
|
201 |
// The return value is a standard fgets() call, which |
202 |
// will read up to $this->BUFFER bytes of data, until it |
203 |
// encounters a new line, or EOF, whichever happens first. |
204 |
|
205 |
// This method works best if $cmd responds with only |
206 |
// one line of data. |
207 |
|
208 |
if(!isset($this->FP)) |
209 |
{ |
210 |
$this->ERROR = "POP3 send_cmd: No connection to server"; |
211 |
return false; |
212 |
} |
213 |
|
214 |
if(empty($cmd)) |
215 |
{ |
216 |
$this->ERROR = "POP3 send_cmd: Empty command string"; |
217 |
return ""; |
218 |
} |
219 |
|
220 |
$fp = $this->FP; |
221 |
$buffer = $this->BUFFER; |
222 |
$this->update_timer(); |
223 |
fwrite($fp,"$cmd\r\n"); |
224 |
$reply = fgets($fp,$buffer); |
225 |
$reply = $this->strip_clf($reply); |
226 |
if($this->DEBUG) { @error_log("POP3 SEND [$cmd] GOT [$reply]",0); } |
227 |
return $reply; |
228 |
} |
229 |
|
230 |
function quit () |
231 |
{ |
232 |
// Closes the connection to the POP3 server, deleting |
233 |
// any msgs marked as deleted. |
234 |
|
235 |
if(!isset($this->FP)) |
236 |
{ |
237 |
$this->ERROR = "POP3 quit: connection does not exist"; |
238 |
return false; |
239 |
} |
240 |
$fp = $this->FP; |
241 |
$cmd = "QUIT"; |
242 |
fwrite($fp,"$cmd\r\n"); |
243 |
$reply = fgets($fp,$this->BUFFER); |
244 |
$reply = $this->strip_clf($reply); |
245 |
if($this->DEBUG) { @error_log("POP3 SEND [$cmd] GOT [$reply]",0); } |
246 |
fclose($fp); |
247 |
unset($this->FP); |
248 |
return true; |
249 |
} |
250 |
|
251 |
// ********************************************************* |
252 |
|
253 |
// The following methods are internal to the class. |
254 |
|
255 |
function is_ok ($cmd = "") |
256 |
{ |
257 |
// Return true or false on +OK or -ERR |
258 |
|
259 |
if(empty($cmd)) { return false; } |
260 |
if ( ereg ("^\+OK", $cmd ) ) { return true; } |
261 |
return false; |
262 |
} |
263 |
|
264 |
function strip_clf ($text = "") |
265 |
{ |
266 |
// Strips \r\n from server responses |
267 |
|
268 |
if(empty($text)) { return $text; } |
269 |
$stripped = ereg_replace("\r","",$text); |
270 |
$stripped = ereg_replace("\n","",$stripped); |
271 |
return $stripped; |
272 |
} |
273 |
|
274 |
function parse_banner ( $server_text ) |
275 |
{ |
276 |
$outside = true; |
277 |
$banner = ""; |
278 |
$length = strlen($server_text); |
279 |
for($count =0; $count < $length; $count++) |
280 |
{ |
281 |
$digit = substr($server_text,$count,1); |
282 |
if(!empty($digit)) |
283 |
{ |
284 |
if( (!$outside) and ($digit != '<') and ($digit != '>') ) |
285 |
{ |
286 |
$banner .= $digit; |
287 |
} |
288 |
if ($digit == '<') |
289 |
{ |
290 |
$outside = false; |
291 |
} |
292 |
if($digit == '>') |
293 |
{ |
294 |
$outside = true; |
295 |
} |
296 |
} |
297 |
} |
298 |
$banner = $this->strip_clf($banner); // Just in case |
299 |
return "<$banner>"; |
300 |
} |
301 |
|
302 |
} // End class |
303 |
|
304 |
?> |